Joomla Security Update 1.5.11

Details
Published on Wednesday, 03 June 2009 06:25
Severity: low to moderate
  • Some values were output from the database without being properly escaped. Most strings in question were sourced from the administrator panel.
  • A XSS vulnerability exists in the JA_Purity template which ships with Joomla! 1.5.
  • A XSS vulnerability exists in the user view of com_users in the administrator panel.

  • [20090603] - Core - Frontend XSS

    Posted: Wed, 03 Jun 2009 05:56:53 +0000
    • Project: Joomla!
    • SubProject: Site client
    • Severity: Low
    • Versions: 1.5.10 and all previous 1.5 releases
    • Exploit type: XSS
    • Reported Date: 2009-May-05
    • Fixed Date: 2009-June-02

    Description

    Some values were output from the database without being properly escaped. Most strings in question were sourced from the administrator panel.

    Affected Installs

    All 1.5.x installs prior to and including 1.5.10 are affected.

    Solution

    Upgrade to latest Joomla! version (1.5.11 or newer).

     

  • [20090602] - Core - ja_purity XSS

    Posted: Wed, 03 Jun 2009 05:56:42 +0000
    • Project: Joomla!
    • SubProject: ja_purity
    • Severity: Moderate
    • Versions: 1.5.10 and all previous 1.5 releases
    • Exploit type: XSS
    • Reported Date: 2009-April-06
    • Fixed Date: 2009-June-02

    Description

    A XSS vulnerability exists in the JA_Purity template which ships with Joomla! 1.5.

    Affected Installs

    All 1.5.x installs prior to and including 1.5.10 are affected.

    Solution

    Upgrade to latest Joomla! version (1.5.11 or newer).

     

  • [20090601] - Core - com_users XSS

    Posted: Wed, 03 Jun 2009 05:56:25 +0000
    • Project: Joomla!
    • SubProject: com_users
    • Severity: Moderate
    • Versions: 1.5.10 and all previous 1.5 releases
    • Exploit type: XSS
    • Reported Date: 2009-April-30
    • Fixed Date: 2009-June-02

    Description

    A XSS vulnerability exists in the user view of com_users in the administrator panel.

    Affected Installs

    All 1.5.x installs prior to and including 1.5.10 are affected.

    Solution

    Upgrade to latest Joomla! version (1.5.11 or newer).

Related Articles

proudly-canadian-flag.gif
Best Canadian Web Host for Joomla

Our Latest Joomla News

Our Latest Joomla Tips

Joomla Web Hosting

Joomla Resources

Joomla Tech Services



Joomla Web Hosting Canada RSS Feed

Looking to build an online community ?

Make your own custom Joomla Template

Artisteer - Joomla 1.6 Theme Generator